1 /* $OpenBSD: ieee80211_crypto.h,v 1.23 2015/12/05 16:26:53 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2007,2008 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 #ifndef _NET80211_IEEE80211_CRYPTO_H_ 20 #define _NET80211_IEEE80211_CRYPTO_H_ 21 22 /* 23 * 802.11 protocol crypto-related definitions. 24 */ 25 26 /* 27 * 802.11 ciphers. 28 */ 29 enum ieee80211_cipher { 30 IEEE80211_CIPHER_NONE = 0x00000000, 31 IEEE80211_CIPHER_USEGROUP = 0x00000001, 32 IEEE80211_CIPHER_WEP40 = 0x00000002, 33 IEEE80211_CIPHER_TKIP = 0x00000004, 34 IEEE80211_CIPHER_CCMP = 0x00000008, 35 IEEE80211_CIPHER_WEP104 = 0x00000010, 36 IEEE80211_CIPHER_BIP = 0x00000020 /* 11w */ 37 }; 38 39 /* 40 * 802.11 Authentication and Key Management Protocols. 41 */ 42 enum ieee80211_akm { 43 IEEE80211_AKM_NONE = 0x00000000, 44 IEEE80211_AKM_8021X = 0x00000001, 45 IEEE80211_AKM_PSK = 0x00000002, 46 IEEE80211_AKM_SHA256_8021X = 0x00000004, /* 11w */ 47 IEEE80211_AKM_SHA256_PSK = 0x00000008 /* 11w */ 48 }; 49 50 #define IEEE80211_TKIP_HDRLEN 8 51 #define IEEE80211_TKIP_MICLEN 8 52 #define IEEE80211_TKIP_ICVLEN 4 53 #define IEEE80211_CCMP_HDRLEN 8 54 #define IEEE80211_CCMP_MICLEN 8 55 56 #define IEEE80211_PMK_LEN 32 57 58 #ifdef _KERNEL 59 60 static __inline int 61 ieee80211_is_8021x_akm(enum ieee80211_akm akm) 62 { 63 return akm == IEEE80211_AKM_8021X || 64 akm == IEEE80211_AKM_SHA256_8021X; 65 } 66 67 static __inline int 68 ieee80211_is_sha256_akm(enum ieee80211_akm akm) 69 { 70 return akm == IEEE80211_AKM_SHA256_8021X || 71 akm == IEEE80211_AKM_SHA256_PSK; 72 } 73 74 struct ieee80211_key { 75 u_int8_t k_id; /* identifier (0-5) */ 76 enum ieee80211_cipher k_cipher; 77 u_int k_flags; 78 #define IEEE80211_KEY_GROUP 0x00000001 /* group data key */ 79 #define IEEE80211_KEY_TX 0x00000002 /* Tx+Rx */ 80 #define IEEE80211_KEY_IGTK 0x00000004 /* integrity group key */ 81 82 u_int k_len; 83 u_int64_t k_rsc[IEEE80211_NUM_TID]; 84 u_int64_t k_mgmt_rsc; 85 u_int64_t k_tsc; 86 u_int8_t k_key[32]; 87 void *k_priv; 88 }; 89 90 #define IEEE80211_KEYBUF_SIZE 16 91 92 /* 93 * Entry in the PMKSA cache. 94 */ 95 struct ieee80211_pmk { 96 enum ieee80211_akm pmk_akm; 97 u_int32_t pmk_lifetime; 98 #define IEEE80211_PMK_INFINITE 0 99 100 u_int8_t pmk_pmkid[IEEE80211_PMKID_LEN]; 101 u_int8_t pmk_macaddr[IEEE80211_ADDR_LEN]; 102 u_int8_t pmk_key[IEEE80211_PMK_LEN]; 103 104 TAILQ_ENTRY(ieee80211_pmk) pmk_next; 105 }; 106 107 /* forward references */ 108 struct ieee80211com; 109 struct ieee80211_node; 110 111 void ieee80211_crypto_attach(struct ifnet *); 112 void ieee80211_crypto_detach(struct ifnet *); 113 114 struct ieee80211_key *ieee80211_get_txkey(struct ieee80211com *, 115 const struct ieee80211_frame *, struct ieee80211_node *); 116 struct ieee80211_key *ieee80211_get_rxkey(struct ieee80211com *, 117 struct mbuf *, struct ieee80211_node *); 118 struct mbuf *ieee80211_encrypt(struct ieee80211com *, struct mbuf *, 119 struct ieee80211_key *); 120 struct mbuf *ieee80211_decrypt(struct ieee80211com *, struct mbuf *, 121 struct ieee80211_node *); 122 123 int ieee80211_set_key(struct ieee80211com *, struct ieee80211_node *, 124 struct ieee80211_key *); 125 void ieee80211_delete_key(struct ieee80211com *, struct ieee80211_node *, 126 struct ieee80211_key *); 127 128 void ieee80211_eapol_key_mic(struct ieee80211_eapol_key *, 129 const u_int8_t *); 130 int ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *, 131 const u_int8_t *); 132 #ifndef IEEE80211_STA_ONLY 133 void ieee80211_eapol_key_encrypt(struct ieee80211com *, 134 struct ieee80211_eapol_key *, const u_int8_t *); 135 #endif 136 int ieee80211_eapol_key_decrypt(struct ieee80211_eapol_key *, 137 const u_int8_t *); 138 139 struct ieee80211_pmk *ieee80211_pmksa_add(struct ieee80211com *, 140 enum ieee80211_akm, const u_int8_t *, const u_int8_t *, u_int32_t); 141 struct ieee80211_pmk *ieee80211_pmksa_find(struct ieee80211com *, 142 struct ieee80211_node *, const u_int8_t *); 143 void ieee80211_derive_ptk(enum ieee80211_akm, const u_int8_t *, 144 const u_int8_t *, const u_int8_t *, const u_int8_t *, 145 const u_int8_t *, struct ieee80211_ptk *); 146 int ieee80211_cipher_keylen(enum ieee80211_cipher); 147 148 int ieee80211_wep_set_key(struct ieee80211com *, struct ieee80211_key *); 149 void ieee80211_wep_delete_key(struct ieee80211com *, 150 struct ieee80211_key *); 151 struct mbuf *ieee80211_wep_encrypt(struct ieee80211com *, struct mbuf *, 152 struct ieee80211_key *); 153 struct mbuf *ieee80211_wep_decrypt(struct ieee80211com *, struct mbuf *, 154 struct ieee80211_key *); 155 156 int ieee80211_tkip_set_key(struct ieee80211com *, struct ieee80211_key *); 157 void ieee80211_tkip_delete_key(struct ieee80211com *, 158 struct ieee80211_key *); 159 struct mbuf *ieee80211_tkip_encrypt(struct ieee80211com *, 160 struct mbuf *, struct ieee80211_key *); 161 struct mbuf *ieee80211_tkip_decrypt(struct ieee80211com *, 162 struct mbuf *, struct ieee80211_key *); 163 void ieee80211_tkip_mic(struct mbuf *, int, const u_int8_t *, 164 u_int8_t[IEEE80211_TKIP_MICLEN]); 165 void ieee80211_michael_mic_failure(struct ieee80211com *, u_int64_t); 166 167 int ieee80211_ccmp_set_key(struct ieee80211com *, struct ieee80211_key *); 168 void ieee80211_ccmp_delete_key(struct ieee80211com *, 169 struct ieee80211_key *); 170 struct mbuf *ieee80211_ccmp_encrypt(struct ieee80211com *, struct mbuf *, 171 struct ieee80211_key *); 172 struct mbuf *ieee80211_ccmp_decrypt(struct ieee80211com *, struct mbuf *, 173 struct ieee80211_key *); 174 175 int ieee80211_bip_set_key(struct ieee80211com *, struct ieee80211_key *); 176 void ieee80211_bip_delete_key(struct ieee80211com *, 177 struct ieee80211_key *); 178 struct mbuf *ieee80211_bip_encap(struct ieee80211com *, struct mbuf *, 179 struct ieee80211_key *); 180 struct mbuf *ieee80211_bip_decap(struct ieee80211com *, struct mbuf *, 181 struct ieee80211_key *); 182 183 #endif /* _KERNEL */ 184 #endif /* _NET80211_IEEE80211_CRYPTO_H_ */ 185